We take security seriously at Air and follow many best practices to protect our customers’ data. We achieved SOC 2 compliance in 2021, during which our software and internal systems were audited to ensure we are adhering to best practices when it comes to the protection of our customers' data.

  • Air's data is encrypted in transit and at rest (SSL and AES256)

  • We conduct annual software penetration tests during which an independent security audit firm (NCC Group) attempts to hack our system and provides feedback on any potential vulnerabilities for us to resolve

  • We use security monitoring software to notify us in real time if an incident occurs which might compromise our software

  • We back up all content in multiple regions across our data centers and we take daily snapshots of our database to allow us to restore lost data in the event of a hack or failure

  • Our internal teams follow strict policies when accessing customer data, which limits the chance of a data breach

  • Customers can enforce SSO on their workspace to leverage their existing IDP and their account security policies

  • We have a robust user permissions system in place to ensure workspace admins are in full control over what their own team can access and do

Learn more about Air's approach to security here: https://air.inc/security

Did this answer your question?